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DETAILED ACTION 

1. This action is responsive to the communication filed on February 6, 2004. 
Claims 1-24 are pending. At this time, claims 1-24 are rejected. 

Information Disclosure Statement 

2. The information disclosure statement (IDS) filed on February 6, 2004. The 
submission is in compliance with the provisions of 37 CFR1.97. Accordingly, the 
information disclosure statement is being considered by the examiner. 

Claim Objections 

3. Claims 2-8 are objected to because of the following informalities: 
independent claim 1 is claiming a system, whereas dependent claims 2-8 are claiming 
the computer system. Appropriate correction is required. 

Claim Rejections - 35 USC §101 

4. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition 
of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

5. Claims 12 and 20-24 are rejected under 35 U.S.C. 101 because the 
claimed invention is directed to non-statutory subject matter. 

a. Referring to claims 1-5: 

Claim 12 recites "wherein the SSO server is implemented as 
software stored in the storage and executed by the client workstation's CPU." This claim 
is clearly directed toward a software program and it is non-statutory as not being 
tangibly embodied in a manner so as to be executable. Therefore, claim 12 recites a 
non-statutory subject matter. 

Claim 20 recites "a method using SSO server" This claim is clearly 
directed toward a software program and it is non-statutory as not being tangibly 
embodied in a manner so as to be executable. Therefore, claim 20 recites a non- 
statutory subject matter. 

Claims 21-24 are depended on claim 20, thus they are rejected with 
the same rationale applied against claim 20 above. 
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Claim Rejections - 35 USC § 102 

6. The following is a quotation of the appropriate paragraphs of 35 
U.S.C. 102 that form the basis for the rejections under this section made in this Office 
action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

7. Claims 1-24 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Biswas et al (US 7,174,383 B1). 

a. Referring to claim 1: 

i. Biswas teaches a system, comprising: 

(1) a client workstation (see Figure 1, elements 104 and 

108 of Biswas); 

(2) a single sign-on ("SSO") server accessible to the 
client workstation (see Figure 1, elements 112, 104, and 108 and column 4, lines 7- 
16 of Biswas); 

(3) a plurality of host servers accessible to the client 
workstation (see Figure 1, elements 114, 116, and 118 and column 3, line 14, lines 
32-33 of Biswas); 

(4) wherein access by the client workstation to a first host 
server causes the client workstation to be automatically re-directed to the SSO server 
and the SSO server causes the client workstation to request sign-on credentials from a 
user if the user has not signed on to any of the host servers, and wherein the first host 
server, not the SSO server, authenticates the user (see abstract and column 1, line 
67 through column 2, line 8; column 3, lines 65 through column 4, line 17 of 
Biswas). 

b. Referring to claim 2: 
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i. Biswas further teaches: 

(1) upon being re-directed to the SSO server, the first 
host server supplies the SSO server with security information that is used to encrypt 
sign-on credentials (column 3, lines 65 through column 4, line 17 of Biswas). 

b. Referring to claim 3: 

i. Biswas further teaches: 

(1) wherein the user's sign-on credentials are stored in 
the client workstation (column 3, lines 25-30 of Biswas). 

c. Referring to claim 4: 

i. Biswas further teaches: 

(1) wherein the user's sign-on credentials are stored in 
the SSO server (column 4, lines 40-42 of Biswas). 

d. Referring to claim 5: 

i. Biswas further teaches: 

(1) after the first host server authenticates the user, the 
client workstation accesses a second host server which causes the client workstation to 
be automatically re-directed to the SSO server, and wherein the SSO server causes the 
sign-on credentials to be retrieved and used by the second host server to authenticate 
the user without the user supplying additional sign-on credentials (see abstract and 
column 1, line 67 through column 2, line 8; column 3, lines 65 through column 4, 
line 17 of Biswas). 

e. Referring to claims 6 and 7: 

i. These claims have limitations that is similar to those of 
claims 3 and 4, thus they are rejected with the same rationale applied against claims 3 <C 
and 4 above. Furthermore, cookie is stored in the web browser for later use. The next 
time user go to the same website, user's browser will send the cookie to the web server, 
as shown in Figure 2 of user computer. In addition, token is cookie (column 3, lines 
60-64 of Biswas). 

f. Referring to claim 8: 

i. Biswas further teaches: 
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(1) after requesting sign-on credentials from the user, the 
client workstation is automatically re-directed back to the first host server to authenticate 
the user (see abstract and column 1, line 67 through column 2, line 8; column 3, 
lines 65 through column 4, line 17 of Biswas). 

g. Referring to claim 9: 

i. Biswas teaches a client workstation configured to access 
any one or more of a plurality of services (see Figures 1 and 2 of Biswas), comprising: 

(1) a CPU; an input device coupled to the CPU; and 
storage coupled to the CPU (see Figures 1-2 and column 3, lines 8-19; column 4, lines 
17-34 of Biswas), said storage containing a browser that is executed by the CPU and 
that causes the workstation to: 

(2) browse to a service that runs in a host server (see 
Figure 2, element 202 and column 4, lines 25-28 of Biswas); 

(3) automatically re-direct to a single sign-on ("SSO") 
server; and permit the host server to authenticate a user either by requiring the user to 
enter credentials via the input device if the user has not already signed-on to a service 
and providing the credentials to the host server or, without the user entering credentials, 
by providing credentials previously stored in the storage to the host server if the user 
has already signed-on to a service and providing the credentials to the host server (see 
abstract and column 1, line 67 through column 2, line 8; column 3, lines 65 
through column 4, line 17 of Biswas). 

h. Referring to claim 10: 

i. Biswas further teaches: 

(1) the CPU (column 3, lines 8-19) further causes the 
workstation to be re-directed back to the service" to permit the host server to 
authenticate the user (see abstract and column 1, line 67 through column 2, line 8; 
column 3, lines 65 through column 4, line 17 of Biswas). 

i. Referring to claim 11: 

i. Biswas further teaches: 
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(1) wherein the credentials are encrypted and stored in 
the storage (column 4, lines 14-16 and lines 40-42 of Biswas), 
j. Referring to claim 12: 

i. Biswas further teaches: 

(1) wherein the SSO server is implemented as software 
stored in the storage and executed by the client workstation's CPU (column 3, lines 45- 
50 of Biswas). 

k. Referring to claims 13-19: 

i. These claims have limitations that is similar to those of 
claims 1-12, thus they are rejected with the same rationale applied against claim 12 
above. 

I. Referring to claims 20-24: 

i. These claim consist a computer program product for making 
trust management determinations to implement claims 1 and 9, they are rejected with 
the same rationale applied against claim 12 above. 

Conclusion 

8. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

a. Bhatia et al (US 2005/0039008 A1) discloses a system that 
facilitates end-to-end identity propagation to a backend-tier application that is not single 
sign-on enabled (see abstract). Claims 1-24 of the instant invention are also met on 
these paragraphs [0007] and [0022-0035] of Bhatia. 

b. Bivens et al (US 2003/0226036 A1 discloses a method and 
apparatus for single sign-on authentication (see Title of Bivens). 

c. Fang et al (US 6,240,512 B1) discloses single sign-on (SSO) 
mechanism having master key synchronization (see Title of Fang). 

d. Miller et al (US 2003/0105981 A1) discloses a system and method 
for single session sign-on (see Title of Miller). 
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Any inquiry concerning this communication or earlier 
communications from the examiner should be directed to Thanhnga (Tanya) Truong 
whose telephone number is 571-272-3858. 

If attempts to reach the examiner by telephone are unsuccessful, 
the examiner's supervisor, Kim Vu can be reached at 571-272-3859. The fax and 
phone numbers for the organization where this application or proceeding is assigned is 
571-273-8300. 

Any inquiry of a general nature or relating to the status of this 
application or proceeding should be directed to the receptionist whose telephone 
number is 571-272-2100. 

TBT ^JZI3^ 
April 27, 2007 



